Spring security logout not working
here is my configuration files when i am clicking on the logout button,this is not redirecting back to the login page. basically i am using Jsf along with the Spring webflow
i have defined logout link like this
<h:commandLink href="/certs/j_spring_security_logout" >Certificate </h:commandLink>
webconfig file
<bean id="CltSearch_signonRq" class="com.csc.exceed.certificate.domain.SignonRq">
<property name="clientApp" ref="CltSearch_clientApp" />
</bean>
<bean id="CltSearch_clientApp" class="com.csc.exceed.certificate.domain.ClientApp">
<property name="name" value="S3" />
</bean>
<bean id="custId" class="com.csc.exceed.certificate.domain.CustId" >
</bean>
<bean id="custPswd" class="com.csc.exceed.certificate.domain.CustPswd" >
</bean>
<bean id="clientApp" class="com.csc.exceed.certificate.domain.ClientApp" >
<property name="name" value="XCA" />
</bean>
<bean id="signonPswd" class="com.csc.exceed.certificate.domain.SignonPswd" >
<property name="custId" ref="custId" />
<property name="custPswd" ref="custPswd" />
</bean>
<bean id="signonRq" class="com.csc.exceed.certificate.domain.SignonRq">
<property name="clientApp" ref="clientApp" />
<property name="signonPswd" ref="signonPswd" />
</bean>
<bean id="oXMapper" class="com.csc.exceed.util.OXMapper" scope="session">
<property name="unmarshaller" ref="unmarshaller" />
<property name="marshaller" ref="marshaller" />
<property name="acordRequest" ref="acordRequest" />
<property name="acordResponse" ref="acordResponse" />
</bean>
<bean id="oXMapper2" class="com.csc.exceed.util.OXMapper" >
<property name="unmarshaller" ref="unmarshaller" />
<property name="marshaller" ref="marshaller" />
<property name="acordRequest" ref="acord开发者_开发技巧Request2" />
<property name="acordResponse" ref="acordResponse" />
</bean>
<bean id="unmarshaller" class="org.springframework.oxm.castor.CastorMarshaller">
<property name="mappingLocation"
value="classpath:/templates/mapping/ACORD_Response_Mapping.xml" />
</bean>
<bean id="marshaller" class="org.springframework.oxm.castor.CastorMarshaller">
<property name="mappingLocation"
value="classpath:/templates/mapping/ACORD_Request_Mapping.xml" />
</bean>
<bean id="acordRequest" class="com.csc.exceed.certificate.domain.ACORD" scope="session">
<property name="insuranceSvcRq" ref="insuranceSvcRq" />
<property name="signonRq" ref="CltSearch_signonRq" />
</bean>
<bean id="acordRequest2" class="com.csc.exceed.certificate.domain.ACORD">
<property name="signonRq" ref="signonRq" />
</bean>
<bean id="insuranceSvcRq" class="com.csc.exceed.certificate.domain.InsuranceSvcRq" scope="session">
<property name="com_csc_ClientSearchRq" ref="com_csc_ClientSearchRq" />
</bean>
<bean id="com_csc_ClientSearchRq"
class="com.csc.exceed.certificate.domain.Com_csc_ClientSearchRq" scope="session">
<property name="com_csc_SearchInfo" ref="com_csc_SearchInfo" />
</bean>
<bean id="com_csc_SearchInfo" class="com.csc.exceed.certificate.domain.Com_csc_SearchInfo" scope="session">
<property name="com_csc_SearchCriteria" ref="com_csc_SearchCriteria" />
</bean>
<bean id="com_csc_SearchCriteria"
class="com.csc.exceed.certificate.domain.Com_csc_SearchCriteria" scope="session">
<property name="com_csc_ClientSearch" ref="com_csc_ClientSearch" />
</bean>
<bean id="com_csc_ClientSearch" class="com.csc.exceed.certificate.domain.Com_csc_ClientSearch" scope="session">
</bean>
<bean id="acordResponse" class="com.csc.exceed.certificate.domain.AcordResponse" />
<bean id="postXmlToUrl" class="com.csc.exceed.util.PostXmlToUrl" />
<bean id="supportData" class="com.csc.exceed.util.SupportDataUtility" />
<bean id="logging" class="com.csc.exceed.aspect.logging.LoggingAspect">
</bean>
<bean id="searchHandler" class="com.csc.exceed.certificate.web.AccountSearchHandler" scope="session">
<property name="oXMapper" ref="oXMapper" />
<property name="applicationProperties" ref="applicationProperties" />
<property name="messageProperties" ref="messageProperties" />
</bean>
<bean id="exceptionHandling" class="com.csc.exceed.aspect.exception.ExceptionHandling">
</bean>
<bean id="applicationProperties"
class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="location">
<value>classpath:/config/application.properties</value>
</property>
</bean>
<bean id="messageProperties"
class="org.springframework.beans.factory.config.PropertiesFactoryBean">
<property name="location">
<value>classpath:/config/MessageResources.properties
</value>
</property>
</bean>
<bean id="xmlReader" class="com.csc.exceed.util.Validator" scope="session">
<property name="messageProperties" ref="messageProperties" />
<property name="applicationProperties" ref="applicationProperties" />
<property name="validationXml" value="classpath:/rules/validation-rules.xml" />
<property name="oXMapper" ref="oXMapper" />
</bean>
<bean id="login" class="com.csc.exceed.certificate.domain.ACORD">
<property name="signonRq" ref="signonRq" />
</bean>
<bean id="login2" class="com.csc.exceed.certificate.domain.ACORD">
<property name="signonRq" ref="signonRq" />
</bean>
<bean id="userManagerService" class="com.csc.exceed.aspect.security.UserManagerService" />
<bean id="customAuthenticationProvider"
class="com.csc.exceed.aspect.security.CustomAuthenticationProvider" scope="session">
<property name="userManagerService" ref="userManagerService"></property>
<property name="oXMapper" ref="oXMapper" />
<property name="oXMapper2" ref="oXMapper2" />
<property name="applicationProperties" ref="applicationProperties" />
<property name="messageProperties" ref="messageProperties" />
<property name="login2" ref="login2" />
</bean>
<bean id="customAuthenticationManager"
class="com.csc.exceed.aspect.security.CustomAuthenticationManager" scope="session">
<aop:scoped-proxy/>
<property name="authenticationProvider" ref="customAuthenticationProvider" />
<property name="oXMapper" ref="oXMapper" />
<property name="login" ref="login" />
</bean>
<cache:annotation-driven />
<bean id="cacheManager" class="org.springframework.cache.ehcache.EhCacheCacheManager">
<property name="cacheManager" ref="ehcache" />
</bean>
<bean id="ehcache"
class="org.springframework.cache.ehcache.EhCacheManagerFactoryBean">
<property name="configLocation" value="classpath:/config/ehcache.xml" />
</bean>
<bean id="checkSession" class="com.csc.exceed.util.CheckSession">
<property name="messageProperties" ref="messageProperties" />
</bean>
<security:http entry-point-ref="CMSAuthenticationEntryPoint" >
<security:custom-filter position="FORM_LOGIN_FILTER"
ref="customizedFormLoginFilter" />
<security:intercept-url pattern="/certs/signin/**"
access="IS_AUTHENTICATED_ANONYMOUSLY" />
<security:intercept-url pattern="/certs/AccountSearch"
access="ROLE_ADMIN,ROLE_GUEST,ROLE_USER" />
<security:session-management
session-fixation-protection="migrateSession" >
<security:concurrency-control max-sessions="1" error-if-maximum-exceeded="true" expired-url="/certificates_presentation/certs/signin?"/>
</security:session-management>
<security:logout logout-success-url="/certificates_presentation/certs/signin?" invalidate-session="true" />
</security:http>
<bean id="CMSAuthenticationEntryPoint"
class="com.csc.exceed.aspect.accesscontrol.CMSAuthenticationEntryPoint">
<property name="loginFormUrl" value="/certs/signin" />
<property name="forceHttps" value="false" />
</bean>
<bean id="customizedFormLoginFilter"
class="org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter" >
<property name="authenticationManager" ref="customAuthenticationManager" />
<property name="filterProcessesUrl" value="/certs/j_spring_security_check" />
<property name="authenticationSuccessHandler" ref="simpleURLSuccessHandler" />
<property name="authenticationFailureHandler" ref="simpleURLFailureHandler" />
</bean>
<bean id="simpleURLFailureHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationFailureHandler">
<property name="defaultFailureUrl" value="/certs/signin" />
<!-- <property name="allowSessionCreation" value="true" /> -->
</bean>
<bean id="simpleURLSuccessHandler"
class="org.springframework.security.web.authentication.SimpleUrlAuthenticationSuccessHandler">
<property name="defaultTargetUrl" value="/certs/AccountSearch" />
<property name="alwaysUseDefaultTargetUrl" value="true" />
</bean>
<security:authentication-manager alias="authenticationManager">
</security:authentication-manager>
webxml file
<!-- Enables Spring Security -->
<filter>
<filter-name>springSecurityFilterChain</filter-name>
<filter-class>org.springframework.web.filter.DelegatingFilterProxy</filter- class>
</filter>
<filter>
<filter-name>requestContextFilter</filter-name>
<filter-class>org.springframework.web.filter.RequestContextFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>springSecurityFilterChain</filter-name>
<url-pattern>/*</url-pattern>
<dispatcher>REQUEST</dispatcher>
<dispatcher>INCLUDE</dispatcher>
<dispatcher>FORWARD</dispatcher>
</filter-mapping>
<listener>
<listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.web.context.request.RequestContextListener</listener-class>
</listener>
<listener>
<listener-class>
org.springframework.security.web.session.HttpSessionEventPublisher</listener-class>
</listener>
<servlet>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<servlet-class>org.springframework.web.servlet.DispatcherServlet</servlet-class>
<init-param>
<param-name>contextConfigLocation</param-name>
<param-value></param-value>
</init-param>
<load-on-startup>2</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Spring MVC Dispatcher Servlet</servlet-name>
<url-pattern>/certs/*</url-pattern>
</servlet-mapping>
<servlet>
<servlet-name>Faces Servlet</servlet-name>
<servlet-class>javax.faces.webapp.FacesServlet</servlet-class>
<load-on-startup>1</load-on-startup>
</servlet>
<servlet-mapping>
<servlet-name>Faces Servlet</servlet-name>
<url-pattern>*.faces</url-pattern>
</servlet-mapping>
<welcome-file-list>
<welcome-file>index.html</welcome-file>
</welcome-file-list>
i have found answer.this is correct solution
<h:outputLink value="${request.contextPath}/j_spring_security_logout">logout</h:outputLink>
instead of command link
精彩评论